To use Cyware you must have cookies enabled. By Registering or Signing in, you agree to our Terms and Privacy Policy. You can also signup using Google Account. We will not use your credentials to import contacts or post anything on your account without your permission.For more info, please see Login FAQ.

Numerous security vulnerabilities found in the Ubuntu operating system were addressed by Canonical this week. The flaws were present in components such as OpenJDK 8, SoX, OpenLDAP along with certain applications and libraries for Ubuntu. In addition, specific Linux Kernel vulnerabilities were also patched. Major flaws included privilege escalation, CRFL injection issue, denial-of-service (DoS) and remote code execution(RCE). Users are advised to update to the latest version of the OS.

Cisco addressed a medium-severity flaw that impacted the Cisco Enterprise License Manager. The vulnerability, tracked as CVE-2018-0105, is an information disclosure flaw and was found in the web framework of the product. An attacker could exploit this flaw by browsing a specific URL and subsequently view data library information. The flaw is reported to affect Enterprise License Manager version prior to the first fixed software release.

Google

Google has released the latest version of the Chrome browser. The new version, Chrome 76 includes 43 security fixes along with bringing new features to the browser. The security fixes patch major issues along with medium and low severity flaws. These include use-after-free (CVE-2019-5850, CVE-2019-5850), memory corruption (CVE-2019-5853), use-after-poison (CVE-2019-5853) and a flaw that loaded URLs in other browsers(CVE-2019-5859). Chrome users can update to the new version by clicking on ‘About Chrome’ in the Settings section.

HP

A minor application-related vulnerability has been fixed by HP. The flaw exposed configuration details in the Samsung Mobile Print app prior to version 4.08.007. Tracked as CVE-2019-6331, HP reports it to be due to information obfuscation in the application. It is fixed in 4.08.007, which is the latest release. The update can be found here.

Wind River Systems, which is the developer of the VxWorks operating system, has announced patches for 11 critical security vulnerabilities found in the networking protocols of the OS. Dubbed as URGENT/11, it was reported that around 200 million devices that use VxWorks are vulnerable to the flaws. The OS, which is the core product of the company, is used in embedded systems.

Versions that contain the flaws are VxWorks 7 (SR540 and SR610), VxWorks 6.5 to 6.9 and VxWorks versions using the Interpeak standalone network stack. More details on the update can be found here.

+ Aware

WRITTEN BY

Ryan Stewart

Ryan is a senior cybersecurity and privacy analyst. He keenly follows the innovation and development in cybersecurity technologies, and loves to educate everyone about the what, why, and how of major incidents in the cybersecurity world.

Who we are

Cyware is a first-of-its-kind, comprehensive cyber situational awareness platform, designed to help you stay informed about the latest happenings in the cyber world with expertly curated news stories and updates.

Our Technology

Let IBM's Watson Find the Right News For You

The cyber threat landscape is changing rapidly, and cybersecurity news has claimed its spot on the front pages in recent months. It's not easy to find the right information from tens of thousands of cyber news articles and feeds published every day. Our machine learning based curation engine brings you the most relevant cyber content based on your needs.

Receive Daily Cyber News in Your Inbox

From the latest cyber security trends and innovations to new malware, vulnerabilities and threat intelligence, we bring you the most up-to date and relevant cyber updates and news alerts.